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WHAT IS CLAIMED IS: 

1 1 . A method of revoking a device, the method comprising: 

2 receiving a certificate from the device, the certificate including one or more of fields, 

3 at least one of the fields holding a signature; 

4 attempting to verify the signature; 

5 receiving a revocation list from a source, the revocation list identifying one or more 

6 data on the certificate as valid or invalid, the data including at least one of the 

7 fields of the certificate; and 

8 if one of one or more signatures identified unsuccessfully verified and one or more 

9 data is identified as invalid, preventing the transmission of a session key to the 
10 device, the session key being required to estabUsh a secure communication 

j| 1 channel. 

W 1 2. The method of claim 1 wherein the revocation list is evaluated upon file access. 

Ji 1 3. The method of claim 2 wherein the revocation hst is stored upon file creation. 

L 1 4. The method of claim 1 wherein each file has one revocation list, a plurality of files 

W 2 with a plurality of revocation Hsts having duphcative entries. 

.5 1 5. The method of claim 4 wherein the duphcative entries among a plurality of revocation 

^ 2 lists are limited by centrally storing the details and providing each file with a list of 

3 identifiers or pointers that reference a location of complete details regarding revocation 

4 information. 

1 6. The method of claim 5 wherein the revocation information may be stored by 

2 revocation nodes and the revocation hst associated with a file may be stored as a list of 

3 revocation node identifiers. 

1 7. The method of claim 6 wherein each revocation node consists of a hst of clauses and a 

2 rule for combining the clauses for determining the evaluation for the node, 

1 8. The method of claim 7 wherein the revocation results are finalized by one of get play 

2 key, play, record, copy, open, close, create, get metadata and set metadata, 
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1 9. The method of claim 1 wherein the revocation hst is stored on media along with the 

2 file. 

1 10- The method of claim 1 wherein the revocation list is copied onto each device. 

1 11. The method of claim 1 wherein the revocation list is maintained by a server such that 

2 content rendering devices communicating with a server receive updated revocation lists 

3 directly to the device. 

1 12. The method of claim 1 wherein a pluraUty of revocation lists are stored on media on a 

2 file-by-file basis, such that one or more files on the media may have a revocation list 

3 associated with the file. 

13. The method of claim 12 wherein the revocation hst is accessed during one of a file 

'^2 access process and a combination of both an authentication and a file access process. 

t3\ 14. The method of claim 1 wherein the revocation list includes a poison pill that prevents 

f^h a content rendering device ft-om operating. 

^ 1 15. The method of claim 1 wherein the revocation list is updated when the content 

fUl rendering device is connected to a server. 

H 1 16. The method of claim 1 wherein revocation of a content rendering device includes at 

2 least revocation of one or more public keys, the revocation of a public key revoking any 

3 corresponding signature. 

1 17. The method of claim 1 wherein the revocation list is maintained as an object within 

2 the file system on the media with a distinct handle. 

1 1 8. The method of claim 1 wherein the revocation information is centrally located. 

1 19. The method of claim 1 wherein the source is one of a portable medium and firmware. 

1 20. The method of claim 1 wherein the information as to whether certificates and/or 

2 public keys have been revoked is stamped on the media. 
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21. The method of claim 1 wherein the device is one of an engine, a component that 
embeds an engine, a third party digital rights management protocol, an apphcation 
running in an open computing environment, and a clearinghouse server, the certificate 
identifying one or more secure apphcation programming interfaces (APIs) for which an 
application operable with the device may have access. 

22. The method of claim 1 wherein the certificate is signed by a private key assigned 
according to a class of device, the class of device including engines, components 
embedding an engine with no external digital input/output port, components embedding 
an engine with digital input/output ports, and host applications not embedding an engine. 

23. The method of claim 1 wherein the data in the certificate specifies one or more of a 
product category, a product line, a model, a revision and a serial number of the device. 

24. The method of claim 23 wherein source validation data is compared with the data on 
the certificate to identify as invalid one or more of the product category, the product line, 
the model, the revision and the serial number of the host. 

25. The method of claim 24 wherein the certificate includes one or more of the following 
fields: certifying authority identifier, version, certifying authority public key, certifying 
authority public key identifier, exposed methods, company, model identifier, revision, 
metadata identifier, host signature public key, certifying authority signature, serial 
number, protocol key and host signature, wherein the certifying authority signature 
verifies one or more of the fields in the certificate and the host signature verifies one or 
more of the fields in the certificate. 

26. The method of claim 1 wherein the certificate enables an entity receiving the 
certificate to control quality of the device by invaUdating devices that are false or have 
latent defects. 

27. The method of claim 25 wherein the certificate further includes fields provided by a 
device manufacturer, including the device pubhc key, wherein the device pubhc key is 
signed by a private key. 
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1 28. The method of claim 25 wherein one or more of the product category, the product 

2 hne, the model, the revision and the serial number of the host are provided to a certificate 

3 creator after the host passes a qualification procedure. 

1 29. The method of claim 1 wherein the certificate specifies one or more certificate 

2 classes, the certificate classes providing a set of methods that may be exposed after the 

3 transmitting the session key. 

1 30. The method of claim 29 wherein the set of methods includes digital rights 

2 management (DRM) methods, copy, record, play, read secure metadata, write secure 

3 metadata, and unlock, the methods operable according to a type of the device. 

pi 31. The method of claim 30 wherein: 

'^2 the unlock method is associated with a clearinghouse server; 

W3 the copy method is associated with one of an engine and a first DRM apphcation 

gj4 operable with a second DRM apphcation; and 

:|} 5 the import method is associated with one or more of a player, a mastering tool, a 

- 6 kiosk, and a clearinghouse server. 

m 1 32. The method of claim 1 wherein each of the fields hold 326-bit values for 163-bit 

2 elliptic curve cryptography. 

1 33. An apparatus for revoking a host, the apparatus comprising: 

2 means for receiving a certificate from a host, the certificate including a plurality of 

3 fields including a field holding a protocol pubhc key signed by a certifying 

4 authority; 

5 means for verifying signatures on the certificate, the verifying including: 

6 verifying the certifying authority signature using the protocol public key; and 

7 verifying a host signature using a host public key on the certificate; and 

8 means for receiving validation data from a source, the validation data identifying one 

9 or more data on the certificate as valid or invalid according to a revocation list; 

10 and 

1 1 means for preventing the transmission of a session key to the host to estabhsh a secure 

12 communication channel if the signatures are invalid. 
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1 34. An engine configured to revoke a host, the engine comprising: 

2 a block configured to receive a certificate ft-om a host, the certificate including a 

3 plurality of fields including a field holding a protocol public key signed by a 

4 certifying authority; 

5 a block configured to verify signatures on the certificate, the verifying including: 

6 verifying the certifying authority signature using the protocol public key; and 

7 verifying a host signature using a host public key on the certificate; and 

8 a block configured to receive validation data fi-om a source, the validation data 

9 identifying one or more data on the certificate as valid or invalid according to 

10 a revocation list; and 

11 a block configured to preventing the transmission of a session key to the host to 
':l'i2 establish a secure communication channel if the signatures are invaUd, 

1 35. A computer program product, the computer program product comprising: 

2 signal bearing media bearing digital information adapted to be operable with a 
S 3 firmware), the digital information including programming including: 

^" 4 a block configured to receive a certificate from a host, the certificate including 

{Q 5 a plurality of fields including a field holding a protocol pubUc key signed 

6 by a certifying authority; 

Q 7 a block configured to verify signatures on the certificate, the verifjdng 

8 including: 

9 verifying the certifying authority signature using the protocol public key; and 

10 verifying a host signature using a host public key on the certificate; and 

1 1 a block configured to receive validation data from a source, the validation data 

12 identifying one or more data on the certificate as valid or invalid according 

13 to a revocation list; and 

14 a block configured to preventing the transmission of a session key to the host to 

15 establish a secure communication channel if the signatures are invalid. 
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